CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4201
https://notcve.org/view.php?id=CVE-2019-4201
IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 159122. IBM Jazz for Service Management versiones 1.1.3, 1.1.3.1 y 1.1.3.2 podría permitir a un atacante remoto dirigir ataques de phishing, usando un ataque de redireccionamiento abierto. • https://exchange.xforce.ibmcloud.com/vulnerabilities/159122 https://www.ibm.com/support/docview.wss?uid=ibm10885592 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •